Alert - XSS vulnerability


#1

In dhx.Alert function is xss, sample is there: https://snippet.dhtmlx.com/09p04cn4
Could you implement htmlEnable flag there?


#2

Thank you for your report. I’ve sent it to the dev team.
I’ll inform you about any progress on that issue.


#3

We have added the htmlEnable property for the dhx.Message in the latest (7.3) dhx.Suite update.
Please, try to download the latest available build from your client’s area to get that functionality.
You can also check it here:
https://snippet.dhtmlx.com/0id8455k